Servers:Hood: Difference between revisions

From Research
Jump to navigation Jump to search
No edit summary
No edit summary
 
Line 23: Line 23:
A successful query will produce over 500 records in both cases.
A successful query will produce over 500 records in both cases.
<br>
<br>
Next, go to the client-machine, and check both ports again; sometimes the syntax will vary a bit ('''-h''' versus '''-H''' for example), and you may also find it helpful to increase debug-verbosity with something like '''-d 1''':
Next, go to the client-machine, and check both ports 389 and 636 again; sometimes the syntax will vary a bit ('''-h''' versus '''-H''' for example), and you may also find it helpful to increase debug-verbosity with something like '''-d 1'''.  Again, you should see over 500 records:


  root@eprints:~# '''LDAPTLS_REQCERT=never ldapsearch -H ldaps://hood.iat.sfu.ca 636 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -x -W'''
  root@eprints:~# '''LDAPTLS_REQCERT=never ldapsearch -H ldaps://hood.iat.sfu.ca 636 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -x -W'''
<br>
 
  <font color=lime>gordp@sr-mig</font>:<font color=blue>/home/users/gordp-> </font> '''ldapsearch -H ldap://209.87.56.238 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -W'''
  <font color=lime>gordp@sr-mig</font>:<font color=blue>/home/users/gordp-> </font> '''ldapsearch -H ldap://209.87.56.238 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -W'''
  Enter LDAP Password: ''<supersecret>''
  Enter LDAP Password: ''<supersecret>''

Latest revision as of 16:59, 28 September 2012

CONFIGURATION NOTES:

Hood runs OpenLDAP, containing usernames and passwords, for authentication: desktop/workstation logins, and various research services.

Hood is our WINS server.

From any windows computer, using ipconfig, you should see wins server = 209.87.56.238 (hood)


Machine info: Xeon 2.6GHz, 1GB, GigE, 3ware 7000-2, 2x 40GB RAID1 Into service July 2003


  • Testing LDAP:

When any question arises about LDAP and contacting the LDAP server, it's a good idea to start on Hood and check that things are running properly. The first command uses the plain-text port 389, while the second example uses SSL and port 636:

hood ~ # ldapsearch -H ldap://209.87.56.238 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -x -W
Enter LDAP Password: <supersecret>
hood ~ # ldapsearch -h ldaps://209.87.56.238 -p 636 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -x -W
Enter LDAP Password: <supersecret>

A successful query will produce over 500 records in both cases.
Next, go to the client-machine, and check both ports 389 and 636 again; sometimes the syntax will vary a bit (-h versus -H for example), and you may also find it helpful to increase debug-verbosity with something like -d 1. Again, you should see over 500 records:

root@eprints:~# LDAPTLS_REQCERT=never ldapsearch -H ldaps://hood.iat.sfu.ca 636 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -x -W
gordp@sr-mig:/home/users/gordp->  ldapsearch -H ldap://209.87.56.238 -b'dc=iat,dc=sfu,dc=ca' -D 'cn=Reader,dc=iat,dc=sfu,dc=ca' -s sub -W
Enter LDAP Password: <supersecret>